Computer Crime Research Center

Google fixes Gmail flaw

Google, Inc. was made aware of a minor flaw in GMail by a teenage blogger earlier today.

Anthony, 14, claimed that when he sent a Javascript code to his GMail account from an outside account, Google’s web-based mail service automatically ran the script. This means that an attacker could potentially send a similar attachment to gather the account holder’s contact list, or even his account.

Google confirmed the flaw later in the day and fixed it immediately. However, the company criticized the blogger for not following standard protocol and informing the search giant about the flaw.
Original article